Blackphone And Silent Circle Launch Bug Bounty Programmes
Blackphone and Silent Circle are to reward hackers who report vulnerabilities
Blackphone and Silent Circle have announced a bug bounty programme that rewards hackers for finding vulnerability either in the Silent Circle family of services or in the PrivatOS operating system used by the privacy-focused smartphone.
A minimum of $128 will be offered to individuals who are first to report a vulnerability and do not disclose it before Blackphone or Silent Circle is able to issue a fix, with higher rewards given for more serious bugs.
Blackphone security programme
“Ensuring the privacy of its users is at the core of what do, making security of the utmost importance,” says Toby Weir-Jones, CEO of Blackphone. “By launching our Bugcrowd bug bounty program, both companies are assuring their customers that their smartphone and communication software is subjected to the latest testing and assessment techniques, while providing a form of compensation for successful contributors.”
The Blackphone was launched by SGP Technologies, a Swiss-based joint-venture between Silent Circle and Spanish smartphone manufacturer Geeksphone, and promises to protect users from government surveillance programmes with encrypted texts, calls and secure private cloud storage through Spideroaks.
However earlier this year, a hacker appeared to defeat the security features of the device by enabling the Android Debug Bridge (ADB) to get root access to the device without unlocking the Android bootloader as PrivatOS is based on Android 4.4 KitKat. Silent Circle thanked the hacker, known as ‘Justin Case’, but doubted whether the vulnerability could be exploited in normal circumstances.
What do you know about famous hackers? Take our quiz!